Note: SPF mail authentication not set
Hello,
I noticed that SPF (Sender Policy Framework) email authentication is not set for Uncovery emails, excerpt from received email headers:
Authentication-Results: <my mail server>;
dkim=pass (1024-bit rsa key) header.d=uncovery.me header.i=@uncovery.me header.b=JjnecNJl;
dmarc=pass header.from=uncovery.me;
spf=none smtp.mailfrom=apache@uncovery.net smtp.helo=uncovery.net
Received-SPF: none (uncovery.net: No applicable sender policy available) receiver=<my mail server>; identity=mailfrom; envelope-from="apache@uncovery.net";
Perhaps the lack of SPF donates to cases when GMail and perhaps certain other providers mark Uncovery emails as possible spam.
Thanks for the notice, I will check that again. I thought I fixed the SPF properly some time ago.
Ok, so I checked this now again, and it seems to be ok. Can you tell me what email you checked this on and with what tool? Here are my results from http://dkimvalidator.com:
DKIM Information:
DKIM Signature
Message contains this DKIM Signature:
DKIM-Signature: v=1; a=rsa-sha256; c=relaxed/relaxed; d=uncovery.me;
s=default; t=1462251347;
bh=H1ZQxZGAi/ER7izTUbYbzwk7dDEnB4GP9eoVrkSPDwM=;
h=Date:To:Subject:From:Reply-To;
b=0Ev825nqtxEp9VkG4bMPsMY0N7YBS3Jv7sYNvmuAcCUP76hPMS2Z7Tv2pl7OG2pIS
Anli6dNj0nvrQvLveS4ryf94RyCTyJ9jmARgjQVOiPkco6/UINeOyjfwg0cAjO8jWL
UDAwZ2jYQv0He7cy0RZx0PhJwFqc5sI0xlIq0Kdo=
Signature Information:
v= Version: 1
a= Algorithm: rsa-sha256
c= Method: relaxed/relaxed
d= Domain: uncovery.me
s= Selector: default
q= Protocol:
bh= H1ZQxZGAi/ER7izTUbYbzwk7dDEnB4GP9eoVrkSPDwM=
h= Signed Headers: Date:To:Subject:From:Reply-To
b= Data: 0Ev825nqtxEp9VkG4bMPsMY0N7YBS3Jv7sYNvmuAcCUP76hPMS2Z7Tv2pl7OG2pIS
Anli6dNj0nvrQvLveS4ryf94RyCTyJ9jmARgjQVOiPkco6/UINeOyjfwg0cAjO8jWL
UDAwZ2jYQv0He7cy0RZx0PhJwFqc5sI0xlIq0Kdo=
Public Key DNS Lookup
Building DNS Query for default._domainkey.uncovery.me
Retrieved this publickey from DNS: v=DKIM1; k=rsa; p=MIGfMA0GCSqGSIb3DQEBAQUAA4GNADCBiQKBgQDWlgMCx4FsUf8dCFOanHMGucB5/kVkHMHjmtWBaaJN9rAq6twWTueG0Xy8QwQsHfHFlEtLWKXAGHXoy7LWbA9WDjHjRd8MoEiWJxgF9wmkn+htuEN4rFGcauevUeVWb1QMEVOUo9Q6v78dauFIicd7T+t7p67tMUJgTG+/Na5qCQIDAQAB
Validating Signature
result = pass
Details:
SPF Information:
Using this information that I obtained from the headers
Helo Address = uncovery.net
From Address = minecraft@uncovery.me
From IP = 74.208.45.77
SPF Record Lookup
Looking up TXT SPF record for uncovery.me
Found the following namesevers for uncovery.me: ns06.domaincontrol.com ns05.domaincontrol.com
Retrieved this SPF Record: zone updated 20160503 (TTL = 18860)
using authoritative server (ns06.domaincontrol.com) directly for SPF Check
Result: pass (Mechanism 'ip4:74.208.45.77' matched)
Result code: pass
Local Explanation: uncovery.me: 74.208.45.77 is authorized to use 'minecraft@uncovery.me' in 'mfrom' identity (mechanism 'ip4:74.208.45.77' matched)
spf_header = Received-SPF: pass (uncovery.me: 74.208.45.77 is authorized to use 'minecraft@uncovery.me' in 'mfrom' identity (mechanism 'ip4:74.208.45.77' matched)) receiver=ip-172-31-3-128.us-west-1.compute.internal; identity=mailfrom; envelope-from="minecraft@uncovery.me"; helo=uncovery.net; client-ip=74.208.45.77
SpamAssassin Score: -0.1
Message is NOT marked as spam
Points breakdown:
-0.1 DKIM_VALID_AU Message has a valid DKIM or DK signature from author's
domain
0.1 DKIM_SIGNED Message has a DKIM or DK signature, not necessarily valid
-0.1 DKIM_VALID Message has at least one valid DKIM or DK signature
I am using Fastmail.com; the above checks are performed automatically and included into email headers.
You can send email to stayen at warpmail dot net and I will post the current headers.
Yeah I am working right now on installing DKIM/SPF on that domain as well.